/**
 * 
 */
package pers.vic.system.shiro;

import java.util.List;

import javax.annotation.Resource;

import org.apache.commons.lang3.StringUtils;
import org.apache.shiro.authc.AccountException;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.IncorrectCredentialsException;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authc.UnknownAccountException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.dao.DataAccessException;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.stereotype.Service;

import pers.vic.base.bo.system.Principal;
import pers.vic.base.bo.system.SysMenu;
import pers.vic.base.bo.system.SysUser;
import pers.vic.system.system.service.SysMenuService;
import pers.vic.system.system.service.SysUserService;
import pers.vic.util.PasswordUtils;

/**
 * @author VIC
 *
 */
@Service
public class SystemAuthorizingRealm extends AuthorizingRealm{
	
	private Logger logger = LoggerFactory.getLogger(SystemAuthorizingRealm.class);
	
	@Resource
	private SysUserService sysUserService;
	
	@Resource
	private SysMenuService sysMenuService;

	/**
	 * 认证回调函数   authc  登陆时候调用
	 */
	@Override
	protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authcToken) throws AuthenticationException {
		UsernamePasswordToken token = (UsernamePasswordToken) authcToken;
		String username = token.getUsername();
		String password = String.valueOf(token.getPassword());
		if(StringUtils.isEmpty(username) || StringUtils.isEmpty(password)){
			throw new AccountException("请输入用户名和密码");
		}
		SimpleAuthenticationInfo info;
		Principal principal;
		try{
			SysUser user = sysUserService.findUserByUsername(username);
			if(user == null) {
				 throw new UnknownAccountException("用户 [" + username + "]不存在");
			}
			if(!PasswordUtils.validatePassword(password, user.getPassword())) {
				throw new IncorrectCredentialsException("用户名或者密码错误");
			}
			if(0 == user.getEnabled()) {
				throw new AuthenticationException("账号被禁用");
			}
			//构建菜单权限
			List<SysMenu> menus = sysMenuService.getAuthorityMenu(user.getId());
			principal = new Principal(user, menus);
		}catch(DataAccessException e){
			  final String message = "获取用户 [" + username + "]信息时出错";
	            if (logger.isErrorEnabled()) {
	                logger.error(message, e);
	            }
	            throw new AuthenticationException(message, e);
		}
		info = new SimpleAuthenticationInfo(principal, password, getName());
		return info;
	}
	/**
	 * 授权
	 */
	@Override
	protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection authcToken) {
		
		return null;
	}
	


}
